• Champion and execute the overall corporate IT security strategy, roadmap and governance structure, partnering with internal risk/compliance, operational, clinical, technical and business teams as well as external customers and relevant third-party stakeholders • Understand business processes and information system requirements and the associated information risk in those processes • Liaise closely with internal Canadian legal/privacy team to ensure adherence and alignment with Canadian privacy, data governance and regulatory requirements, and the business’ contractual commitments • Work directly with the Canadian commercial team and client base to understand market business and functional requirements and provide compliance, security, and risk assessment support and guidance as required • Establish and execute formal vendor security assessments, including pre-onboarding due diligence and ongoing monitoring of third-party vendors and sub-processors handling sensitive information • Implement all information security, including security breaches, business continuity, and regulatory compliance programs including legal requirements, industry regulations, and best practices (e.g., ISO27001, SOC 2 Type II, etc.) • Lead end-to-end SOC 2 Type II and ISO 27001 audit cycles, including gap assessments, evidence collection via GRC tooling (e.g. Vanta) and act as the primary liaison for external auditors to support certifications • Develop information security guidelines, procedures, and responsibilities and support the development and implementation of technical and administrative security controls and related training and education • Oversee technical incident response planning and implementation and participate in incident response, root cause analysis, and remediation activities • Assess our technology environment and development methodology (SDLC) to identify and mitigate risks and gaps related to information security including potential data breaches • Design, implement, and maintain security controls across infrastructure, applications, integrations and cloud environments in collaboration with our technology team and third-party vendors including: Applications and other systems and middleware components, including operating systems, web servers, databases, and DNS services (e.g. Salesforce, Mulesoft, APIs, etc.) • Network security architecture, including firewalls, segmentation, and secure communication protocols • Logging and monitoring security needs, including SIEM platforms • Encryption standards needed for compliance • Document security configurations, processes, and controls • Digital certificate lifecycle management, including issuance, renewal, and revocation • Communicate information security and compliance risks to leadership and other technical and non-technical stakeholders for proper awareness and decision making • Other duties as assigned

• AI Vendor & Technology Evaluation • Secure AI Implementation Guidance for Development Teams • AI Risk Management & Compliance • Security Integration Reviews • Training , Awareness & Policy

• Own and deliver security revenue targets across new and existing customers • Identify, qualify, and progress cybersecurity opportunities within the pipeline • Lead complex sales cycles, from discovery through to negotiation and closure • Develop and execute account-level security growth plans with Account Managers • Engage senior stakeholders (CIO, CTO, CISO) on cybersecurity strategy and risk • Conduct consultative discovery to uncover business risks, compliance needs, and technical gaps • Position tailored solutions aligned to customer outcomes (risk reduction, compliance, resilience) • Present and demonstrate cybersecurity solutions in a clear, business-relevant manner • Maintain deep knowledge of cybersecurity domains, including: Managed Security Services (SOC, MDR, SIEM), Endpoint and network security, Identity and access management, Cloud security and zero trust architectures, Governance, risk, and compliance (GRC) • Collaborate with pre-sales and technical teams to design high-quality solutions • Work closely with Account Managers to drive joint opportunities, Marketing on campaigns, events, and go-to-market initiatives, and delivery teams to ensure smooth transition from sale to implementation. • Build strong relationships with strategic security vendors • Leverage partner programmes, incentives, and technical resources • Stay current on vendor roadmaps and emerging technologies

• You design prompt injection scenarios in YAML, run them against frontier models, validate success rates, and submit passing tasks. • 5 high-quality tasks per week (full-time equivalent).